Privacy Policy
How we protect the data of tourists, visitors, and our partners.
Last update: 14.05.20261. Who processes the data? (The Controller)
Personal data collected through the www.giaconnect.com platform is processed by:
CUI: 48870445 | Reg. Com: J23/6383/2023
Sediu: Str. Oituz, nr. 80, Popești Leordeni, Jud. Ilfov
DPO Email (Data Protection Officer): contact@giaconnect.com
2. What data do we collect and from whom?
The platform collects data differently, depending on how you interact with the site:
When you send a booking request, we collect:
- Identification data: First Name, Last Name.
- Contact data: Phone number, Email address.
- Stay details: Check-in date, check-out date, message to the owner.
Purpose: Intermediating the connection between you and the accommodation unit. The data is transmitted directly to the Owner to validate the booking.
When you navigate the site, the system automatically collects:
- Technical data: IP address, browser type, operating system.
- Cookies: Browsing preferences (see Cookie Policy).
Purpose: Site security (preventing cyber attacks) and anonymous traffic statistics.
On the public side of the site, we process:
- Public contact data: Unit name, Physical address, Reception phone (which you chose to display).
- Images and descriptions: Content uploaded for promotion.
3. Legal Basis and Purpose of Processing
| Action | Legal Basis (GDPR) |
|---|---|
| Sending the booking request | Performance of a contract (or steps prior) at the data subject request (Art. 6.1.b) |
| User contact (Confirmations/Support) | Legitimate Interest for the proper functioning of the service (Art. 6.1.f) |
| Site security (Logs, IP) | Legitimate Interest and Legal Obligation for security |
| Billing (only if direct payments exist) | Legal Obligation (Fiscal Code) |
4. To whom do we disclose your data?
Data is not sold. It is transmitted only to:
- Accommodation Owner: If you are a tourist, your data (Name, Phone) reaches the owner so they can receive you. The owner becomes an independent controller of this data.
- Public Authorities: Only in case of an official legal request (Police, Prosecution).
- IT Providers: Hosting firm (secure servers in EU) and maintenance, who have contractual confidentiality obligations.
5. How long do we keep the data?
- Data from booking requests: 3 years (general statute of limitations).
- Security logs (IP): Maximum 12 months.
- User accounts: Until deletion request or account closure.
6. Your Rights
According to Regulation 2016/679/EU, you have the following rights:
- Right of access: To know what data we have about you.
- Right to rectification: To correct incorrect data.
- Right to erasure (\\\\\\\"Right to be forgotten\\\\\\\"): To ask for data deletion (unless there are opposing legal obligations).
- Right to portability: To receive data in a standard format.
- Right to opposition: To refuse processing based on legitimate interest.
- Right to lodge a complaint: With the Supervisory Authority (ANSPDCP).
How to exercise your rights?
Send a written request to the email address contact@giaconnect.com. We will respond within maximum 30 days.
7. Data Security
We use encrypted SSL (HTTPS) connections to protect data in transit. Our servers are permanently monitored to prevent unauthorized access.
